Malta’s Financial Intelligence Analysis Unit (FIAU) has imposed a €1.1 million fine on OKX, one of the world’s leading cryptocurrency exchanges, for “serious and systematic” breaches of anti-money laundering (AML) regulations. This penalty highlights the increasing regulatory scrutiny on crypto platforms as global authorities push for stricter compliance standards.
The FIAU investigation and findings
The fine stems from compliance failures identified during a 2023 audit of OKX’s European subsidiary, Okcoin Europe, based in Malta. The investigation revealed flaws in the company’s business risk assessment (BRA), which failed to adequately identify exposure to money laundering risks associated with privacy coins, stablecoins, mixers, and decentralised exchange tokens. Additionally, OKX did not sufficiently monitor the origins of customer funds outside the EU—a critical oversight given its strategy to serve European customers exclusively.
Customer risk assessments (CRAs) were another area of concern. The FIAU found that nearly half of the reviewed customer files lacked proper CRA procedures at onboarding. In some cases, these assessments were conducted months after customers had deposited significant sums. Such systemic lapses in due diligence contributed to the hefty penalty.
Regulatory challenges beyond Malta
This is not the first time OKX has faced regulatory issues. Just last month, EU regulators investigated its alleged role in laundering $100 million from a hack involving Bybit exchange, although OKX denied these claims. Furthermore, the company recently settled a $505 million penalty in the United States over separate compliance violations.
Despite these setbacks, OKX continues to expand its operations across Europe. Earlier this year, it became one of the first crypto exchanges to secure a Markets in Crypto Assets (MiCA) licence through its Malta hub—a milestone that underscores its commitment to regulatory compliance moving forward.
OKX’s response and future outlook
OKX has acknowledged past compliance failures but emphasised significant improvements in its AML policies over the last 18 months. A spokesperson stated that the company remains focused on building a secure and compliant platform for users worldwide. To bolster its compliance framework, OKX has restructured its leadership team and appointed Linda Lacewell—former head of NYDFS—as Chief Legal Officer.
Lessons for the crypto industry
The €1.1 million fine serves as a stark reminder of the importance of robust AML frameworks and proactive risk management in the cryptocurrency sector. As regulators intensify their scrutiny, crypto exchanges must prioritise transparency, customer due diligence, and transaction monitoring to maintain trust and avoid legal repercussions.
For industry players navigating this evolving regulatory landscape, OKX’s case highlights both the risks of non-compliance and the necessity of continuous improvement in governance structures.
